rpm package
suse/dhcp&distro=SUSE Linux Enterprise Point of Sale 11 SP3
pkg:rpm/suse/dhcp&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-25217 | — | < 4.2.4.P2-0.28.12.1 | 4.2.4.P2-0.28.12.1 | May 26, 2021 | In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect | ||
| CVE-2018-5732 | — | < 4.2.4.P2-0.28.8.1 | 4.2.4.P2-0.28.8.1 | Oct 9, 2019 | Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affe | ||
| CVE-2018-5733 | — | < 4.2.4.P2-0.28.8.1 | 4.2.4.P2-0.28.8.1 | Jan 16, 2019 | A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0. | ||
| CVE-2016-2774 | Med | 5.9 | < 4.2.4.P2-0.27.1 | 4.2.4.P2-0.27.1 | Mar 9, 2016 | ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions. |
- CVE-2021-25217May 26, 2021affected < 4.2.4.P2-0.28.12.1fixed 4.2.4.P2-0.28.12.1
In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect
- CVE-2018-5732Oct 9, 2019affected < 4.2.4.P2-0.28.8.1fixed 4.2.4.P2-0.28.8.1
Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affe
- CVE-2018-5733Jan 16, 2019affected < 4.2.4.P2-0.28.8.1fixed 4.2.4.P2-0.28.8.1
A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0.
- affected < 4.2.4.P2-0.27.1fixed 4.2.4.P2-0.27.1
ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.